Azure Overview

Summary

Azure is a cloud platform owned by Microsoft that offers a variety of online resources. In order to use the resources, you need to start a subscription to be responsible for payment and to serve as a general container for all the specific desired resources like a Static Web App or SQL dababase. The subscription will belong to a Tenant, but one Tenant could potentially have many Azure subscriptions.

TerraMax currently has a single Azure subscription, Azure subscription 1, which belongs to the same Tenant as the TerraMax Microsoft 365 account (which supplies resources like Word, Excel and SharePoint). This means that both the Azure and Microsoft 365 accounts are part of the same organization, share access to user identities and security settings, and are both managed through Microsoft Entra ID.

This project uses Azure to host several resources in a secure and centralized way, allowing them to share the same Entra security infrastructure and recongnize the same set of TerraMax users. All resources belong to the same single Azure subscription, and are billed through the same subscription. All these resources and all their costs could be deleted together all at once by canceling the subscription, without affecting the rest of the Tenant (user emails, SharePoint, etc).

App registrations are separate from the apps themselves. These are identities in Entra that correlate to Azure resources, in order to allow those resources to use Entra security for things like logging in with known Tenant user emails. These registrations have separate ids from the actual apps that they represent, and each app with a registration needs to keep track of the registration id in order to use Entra security. If you were to delete the Azure subscription, the app registrations would be orphaned from the apps they represent, but they would remain in Entra until specifically deleted.

Azure resources diagram

General Services

These are types of Azure services that I consider relevant to the project. Azure Functions, Azure Static Web Apps, and Azure App Insights are services that I created specific instances of to use for specific apps. Azure Portal, Cost Management, and Entra ID are more general, default aspects of the Microsoft ecosystem that I consider import to the project.

  • Azure Portal allows you to view and manage the subscription, from creating and deleting resources, to managing settings, to billing.

  • Cost Management allows you to view the current and projected costs incured by the project resources, a breakdown of the cost of specific resources, and to set budget limits.

  • Entra ID


Project Resources

Core elements of this project include:

  • Ordering App (terramax-ordering-app): a user-facing web app that users can directly interact with to submit and manage Deals in HubSpot.
    • Hosted in Azure Static Web Apps
    • Written in React + Typescript
    • Uses Microsoft Entra ID authentication via MSAL, allowing only TerraMax users to log in
    • has an App Registration in Entra
  • Product Manager App (product-manager): a user-facing web app that allows users to quickly look up products and product data, and to create custom Price List PFDs.
    • Hosted in Azure Static Web Apps
    • Written in React + Typescript
    • Uses Microsoft Entra ID authentication via MSAL, allowing only TerraMax users to log in
    • has an App Registration in Entra
  • HubSpot Service (terramax-hubspot-service): a backend app that connects the Ordering App to both an internal product database, and HubSpot’s records of customers and sales.
    • Hosted in Azure Functions
    • Written in Typescript
    • Uses the HubSpot api to access HubSpot data, and a connection string to access the Azure SQL database
    • Uses Microsoft Entra ID to validate incoming requests and restrict access to approved applications
    • Accessed through the Progressive Web App clients, not directly by the user
    • has an App Registration in Entra
  • PDF Service (pdf-service): a containerized backend app that recieves html documents and converts them to PDFs.
    • Hosted in Azure Container Apps
    • Written in TypeScript
    • Uses Puppeteer to run a headless Chromium browser, and Sharp to compress images
    • Accessed only through the HubSpot Service app, not directly by the client
  • TerraMax Data (terramax-data): a SQL database that holds the masterlist of product information, and a log of transactions that have passed through the server app.
    • Hosted in an Azure SQL database on the Azure SQL Server TerraMax db Server
    • Accessed only through the HubSpot Service app (or directly in the Portal or IDE by admin) not directly by the client
  • TerraMax App Images (terramaxappimages): an Azure storage account that stores images for use in other resources.
    • Hosted in Azure Storage Account TerraMax App Images
    • Accessed only through the HubSpot Service app (or directly in the Portal or IDE by admin) not directly by the client

Other relevant resources:

  • terramax-hubspot-service-app-insights
    • Application Insights instance connected to the terramax-hubspot-serviceFunction App, which logs data about the app’s use.
  • terramax-db-server
    • Logical SQL Server that contains the terramax-data database. Azure requires a server to exist, even if it only hosts a single DB.
  • TestResourceGroup
    • The main Resource Group that contains all parts of the project in Azure. The name comes from its origin during the beginning phase of the project, but to rename and restructure would require recreating resources.
  • ASP-TestResourceGroup-9ed2
    • The App Service Plan associated with the Function App terramax-hubspot-service. It defines the underlying compute environment, and was auto-generated (and named) by Azure.
  • testresourcegroup8e0c
    • The storage account automatically created to support the Function App terramax-hubspot-service, used for things like
  • ordering-app_group
    • An organizational group that Azure auto-generated, not structurally important. It overlaps imperfectly with the TestResourceGroup